Ask the Experts

Ask the Experts

• Malware-free attacks: How can enterprises stop them?

  New research shows that threat actors are "living off the land" and infiltrating corporate networks using malware-free attacks. Expert Nick Lewis explains how this is done.  Continue Reading

• How can a malicious C&C server remain undetected?

  A command and control server for the "Gh0st" malware campaign went undetected for two years, according to security researchers. Expert Nick Lewis explains how it happened.  Continue Reading

• How can a DMARC policy improve email security?

  Major email providers are adopting DMARC policies to reduce spam. Expert Michael Cobb explains how DMARC works and why it's is a good thing for email security.  Continue Reading

• What's the difference between two-step verification and 2FA?

  The terms two-step verification and two-factor authentication are used interchangeably, but do they differ from one another? Expert Michael Cobb explains.  Continue Reading

• Are self-encrypting drives the right choice for enterprises?

  Self-encrypting drives can provide added security for enterprises, but they aren't without vulnerabilities. Expert Michael Cobb explains what you need to know.  Continue Reading

• Jeeves programming language: Can it improve security?

  A new research programming language looks to make it easier to enforce security and privacy policies in applications. Expert Michael Cobb explains how it works.  Continue Reading

• Can Firefox tracking protection improve private browsing?

  Firefox aims to improve private browsing with a new tracking protection feature. Expert Michael Cobb explains how the feature works.  Continue Reading

• Do call recordings have PCI DSS requirements?

  Call recordings that include payment information are subject to PCI DSS compliance. Expert Mike Chapple explains how to handle the call center data securely.  Continue Reading

• What are the latest SEC Risk Alert findings?

  The latest SEC Risk Alert from the OCIE has important updates for financial services firms. Expert Mike Chapple reviews the report.  Continue Reading

• Is information security gap analysis important for HIPAA compliance?

  Security gap analysis is a strong, reliable technique for enterprises looking to assure HIPAA compliance. Expert Mike Chapple explains how to perform the analysis.  Continue Reading

• What are the best ways to improve SMB security?

  Despite popular belief, a small to medium-sized business can be a target of cybercriminals because of limited security. Expert Mike O. Villegas advises SMBs on security defenses.  Continue Reading

• How many security administrators does an enterprise need?

  There's no magic formula for figuring out how many security administrators an organization needs, but expert Mike O. Villegas reviews the decision-making process.  Continue Reading

• Can companies safely fire an information security manager?

  An information security manager has access to many privileged systems in an organization, so letting one go can be tricky. Expert Mike O. Villegas explains how to handle the process.  Continue Reading

• How can a directory traversal attack be mitigated?

  A new iOS flaw could allow attackers to conduct directory traversal attacks on AirDrop-enabled devices. Nick Lewis explains how enterprises should handle the threat.  Continue Reading

• Compromised credentials: What can enterprises do?

  Attackers use compromised credentials to infiltrate enterprises undetected and steal corporate data. Expert Nick Lewis offers the best ways to handle this threat.  Continue Reading

• Outdated apps: What are the best ways to address them?

  Dead and outdated apps can pose serious security risks for enterprises. Expert Nick Lewis explains how to find and remove dead apps before they become a problem.  Continue Reading

• How does GreenDispenser self-deleting malware work?

  A new type of self-deleting malware, known as GreenDispenser, allows attackers to rob ATMs of cash. Expert Nick Lewis explains how this threat works and how to prevent it.  Continue Reading

• How can enterprises mitigate IVR security risks?

  Interactive voice response systems can be used by attackers to hack into enterprises. Expert Nick Lewis explains the security risks of IVR systems and how to mitigate them.  Continue Reading

• How does Microsoft's FourQ cryptographic library work?

  Microsoft introduced a new cryptographic library based on FourQ, which the company says is faster than competing algorithms. Expert Michael Cobb takes a closer look at FourQLib.  Continue Reading

• What's the best risk analysis method for enterprises?

  There are a number of different risk analysis methods for enterprises to choose from. Expert Michael Cobb highlights some of the best options available.  Continue Reading

• How does Windows Defender Offline protect endpoints?

  Windows Defender Offline can help tackle malware infections that the basic version of Windows Defender can't remove. Expert Michael Cobb explains how.  Continue Reading

• OPM breach: What's the risk of exposed fingerprint data?

  Millions of fingerprint records were exposed in the OPM breach. Expert Michael Cobb explains how attackers can abuse such biometric data and what enterprises can do about it.  Continue Reading

• Can application wrappers improve mobile security?

  Application wrappers can help improve security for mobile devices, but there are some obstacles. Expert Michael Cobb explains the pros and cons of app wrapping.  Continue Reading

• How can the KeyRaider iOS malware be mitigated?

  A new type of iOS malware can hijack jailbroken iOS devices. Expert Nick Lewis explains how KeyRaider works and how to defend against the threat.  Continue Reading

• What are the effects of the FTC controlling cybersecurity regulations?

  The FTC was granted authority in enterprise cybersecurity regulations. Expert Mike Chapple explains what this means for organizations.  Continue Reading

• Is mobile payment security regulated enough by PCI DSS?

  PCI DSS is pretty specific about security, but does it do enough for mobile payment security? Expert Mike Chapple explains why he says yes.  Continue Reading

• What privacy regulations should enterprises follow?

  The U.S. government has been criticized for its lack of updated privacy regulations. Expert Mike Chapple advises enterprises that want to bolster their privacy policies.  Continue Reading

• How can enterprises mitigate ransomware as a service?

  A rise in ransomware attacks has been attributed to a new service model for cybercriminals. Nick Lewis explains what's behind this new threat.  Continue Reading

• What's the effect of a financial malware tool going public?

  A malware tool that helped to compile the Zeus Trojan has been leaked on the Web. Expert Nick Lewis explains what this means for enterprise security teams.  Continue Reading

• Can a state-sponsored attack on mobile devices be traced?

  When it comes to state-sponsored attacks infecting mobile devices, do users have any chance of tracing the attack? Expert Nick Lewis offers some answers.  Continue Reading

• How can enterprises prevent ASLR bypass flaws?

  Microsoft won't patch certain ASLR bypass flaws, but enterprises still need to protect against them. Expert Nick Lewis explains the threat and how to avoid it.  Continue Reading

• How can the Terracotta VPN attacks be detected?

  Threat actors in China are using VPN services to hide and anonymize their attacks. Expert Nick Lewis explains how to get a handle on these VPN-enabled threats.  Continue Reading

• How does the new voicemail phishing scam work?

  A new phishing scam uses voicemail notification emails to spread malware. Expert Nick Lewis explains how this attack works and how enterprises can prevent it.  Continue Reading

• How can embedded documents be used to attack enterprises?

  A flaw in Microsoft allows attackers in through executable embedded documents. Expert Nick Lewis explains the vulnerability and how enterprises can stop it.  Continue Reading

• How does a new malware obfuscation technique use HTML5?

  A new malware obfuscation technique uses HTML5 to prevent detection of drive-by downloads. Expert Nick Lewis explains the technique and what enterprises can do about it.  Continue Reading

• Drive-by login vs. drive-by download attack: What's the difference?

  A drive-by download attack targets everyone while a drive-by login attack gets personal. Expert Nick Lewis explains the two attacks and what can be done to stop them.  Continue Reading

• What qualifies as a HIPAA business associate?

  It's hard to tell if a company is a HIPAA business associate, but a closer look at HHS documents helps. Expert Mike Chapple discusses a specific case of compliance confusion.  Continue Reading

• Is the FedRAMP certification making a difference?

  There was speculation in the security world over whether the FedRAMP certification would be helpful or not. Now that it's in full use, Mike Chapple looks at the state of FedRAMP.  Continue Reading

• Is a medical device vendor a HIPAA covered entity?

  Medical device companies are part of the health industry, but does that make them a HIPAA covered entity or business associate? Expert Mike Chapple has the answer.  Continue Reading

• How should CISOs present a security assessment report?

  CISOs regularly have to present a security assessment report to the board of directors. Expert Mike O. Villegas has some tips to make it more engaging.  Continue Reading

• How can CISOs improve security communication with the board?

  Effective security communication to board members is an important way to get cybersecurity on their radar. Expert Mike O. Villegas explains how to make this happen.  Continue Reading

• What should security automation do for enterprises?

  Letting security automation handle certain tasks can make a security team more efficient. Here's which tasks should be automated and which should be left to the professionals.  Continue Reading

• Where are all the entry-level security positions hiding?

  Entry-level security jobs can be hard to come by, but the industry still needs more talent. Expert Mike O. Villegas discusses how to break into the security industry.  Continue Reading

• TLS protocol: Can a client puzzle improve security?

  The TLS protocol has fallen on hard times, but expert Michael Cobb explains how client puzzles can help fix some of the problems.  Continue Reading

• Is it safe to use Windows 10 Wi-Fi Sense?

  Microsoft's Wi-Fi Sense for Windows 10 can share encrypted passwords for Wi-Fi networks, but is it safe? Expert Michael Cobb has the answer.  Continue Reading

• How can security vendor hacks affect enterprises?

  Several security vendors and providers have been hacked over the last year. Expert Michael Cobb explains how enterprises should prepare for a vendor hack.  Continue Reading

• How can new template injection vulnerabilities be stopped?

  A newly discovered injection vulnerability affecting template engines could spell trouble for enterprises. Expert Michael Cobb explains how to stop it.  Continue Reading

• Can Vawtrak banking malware bypass two-factor authentication?

  Banking malware Vawtrak has the capability to bypass two-factor authentication. Expert Nick Lewis explains how Vawtrak works and how to stop it.  Continue Reading

• Can attackers steal decryption keys through radio waves?

  Security researchers have figured out how to steal decryption keys through radio waves. Nick Lewis explains how the proof-of-concept attack works and if enterprises should be concerned.  Continue Reading

• Can steganography techniques help attackers hide?

  Attackers may be looking to use steganography techniques to hide their malware. Expert Nick Lewis explains how they work and how to spot them.  Continue Reading

• How does CSIM hijack e-commerce traffic?

  Client-side injection malware, or CSIM, can manipulate how Web advertisements are served on a user's browser. Expert Nick Lewis explains how this happens and how enterprises can stop CSIM.  Continue Reading

• Is click fraud malware hiding bigger potential threats?

  A recent report shows how ransomware evolved from click fraud malware. Expert Nick Lewis explains how low-level threats can hide greater dangers for enterprises.  Continue Reading

• Should the RC4 cipher still be used in enterprises?

  A newly discovered attack can break the RC4 cipher and decrypt user cookies. Expert Michael Cobb explains the attack and the relevance of RC4 in enterprises today.  Continue Reading

• How does the fake Android app BeNews work?

  Find out how to mitigate the risks associated with fake Android apps, like the BeNews app used by the Hacking Team, that trick the Google Play Store.  Continue Reading

• How can software transplants fix bad code?

  Copying and pasting bad code into an application is a big problem for developers, but software transplants can help. Expert Michael Cobb explains the technology.  Continue Reading

• What effect would DMCA changes have on security researchers?

  There's been a lot of controversy around the DMCA, especially because of the Chrysler car hack. Here are the issues with it and how it affects security researchers.  Continue Reading

• How can enterprises stop the OpenSSH vulnerability?

  An OpenSSH vulnerability allows hackers to easily access passwords with a brute force attack. Expert Michael Cobb explains how to mitigate this flaw.  Continue Reading

• How should companies handle SaaS compliance?

  SaaS cloud security presents extra challenges to enterprise compliance. Expert Mike Chapple offers some advice on how to cope with those challenges.  Continue Reading

• What happens if you ignore information security compliance?

  If an enterprise decides to ignore its information security compliance obligations, what happens? Expert Mike Chapple explains what willful noncompliance means.  Continue Reading

• What social media compliance issues plague enterprises?

  Social media compliance issues in Fortune 100 firms aren't what you might expect. Expert Mike Chapple explains the top problems in social media compliance.  Continue Reading

• What is the best way to prepare for the ITPM certification?

  The ITPM certification can help security managers bolster insider threat programs. Here's what the certification involves and how to best prepare for it.  Continue Reading

• Can the CCSP certification fulfill the need for educated professionals?

  The CCSP certification offers security professionals a chance to boost their cloud security knowledge. Expert Mike O. Villegas explains the details and how it differs from CISSP.  Continue Reading

• What is the best way to trim a security portfolio?

  Trimming down a security portfolio and budget is a struggle for many security professionals. Here's how to trim security portfolios without affecting security.  Continue Reading

• What's the best way to handle external security auditors?

  Dealing with external security auditors can make IT professionals uncomfortable. Here are some ways to handle and make the most of the audit process.  Continue Reading

• How can enterprises defend against an evil twin attack?

  The threat of an evil twin attack has plagued enterprises for years, and it's still not leaving. Expert Nick Lewis explains how to defend against evil twins.  Continue Reading

• What's the best way to mitigate the risk of GPU malware?

  GPU malware is different from CPU malware and can't be detected and quarantined with the usual techniques. Here's how to combat this type of malware infection.  Continue Reading

• Moose worm: How can enterprises stop social media fraud?

  A Linux-based Moose worm causes social media fraud through infected routers. Expert Nick Lewis explains how the Moose worm works and how to avoid it.  Continue Reading

• Open source .Net: Are security risks higher?

  Microsoft open sourced its .Net framework recently, and enterprises are concerned. Expert Michael Cobb explores if the fears of open source .Net are warranted.  Continue Reading

• What's the best way to prevent accelerometer tracking?

  Attackers can use accelerometer tracking on mobile devices as an eavesdropping tool. Here are some ways to reduce the threat to your device.  Continue Reading

• How can enterprises protect against Rombertik malware?

  Rombertik malware is a new advanced malware that can trigger a system to self-destruct if it's detected. Expert Nick Lewis explains Rombertik and how to keep it from crippling your system.  Continue Reading

• Should enterprises use the Let's Encrypt open certificate authority?

  Let's Encrypt, a new open certificate authority, is coming soon. Expert Michael Cobb explores the merits of using free and open CAs and whether or not enterprises should explore them.  Continue Reading

• Can facial recognition authentication improve mobile security?

  MasterCard is testing a new facial recognition authentication system for mobile payments. Expert Michael Cobb explains how it works, and what it means for users.  Continue Reading

• Android M security: Is it enterprise-ready?

  The latest version of Google's mobile operating system addresses some key enterprise security concerns. Expert Michael Cobb explains what's new in Android M.  Continue Reading

• How has the NIST random number generation guidance changed?

  The NIST has changed its recommendations on random number generation for cryptographic keys. Expert Michael Cobb outlines the changes and explains why they were made.  Continue Reading

• How should enterprises use the OWASP Top Ten list?

  The OWASP Top Ten list is not a compliance standard but a set of best practices for enterprises looking to boost Web app security. Here's how to get the most out of OWASP Top Ten.  Continue Reading

• What data breach notification policy should enterprises follow?

  A data breach notification policy is important to have, but deciding how to alert customers can be tough. Expert Mike Chapple explains some best practices.  Continue Reading

• How can address bar spoofing vulnerabilities be prevented?

  Address bar spoofing attacks can be detrimental to an organization. Expert Michael Cobb details several vulnerabilities and explains how to defend against the threat.  Continue Reading

• How does tokenization technology affect PCI DSS compliance?

  Tokenization technology can be confusing. Expert Mike Chapple explains what the difference is between two types of tokens and how tokenization can help with PCI DSS compliance.  Continue Reading

• How does OpenPGP encryption improve messaging security?

  Facebook added OpenPGP encryption to its messaging services to help improve messaging safety. Expert Michael Cobb explains the benefits of the approach.  Continue Reading

• Can Google's Chrome extension policy improve Web security?

  The updated Chrome extension policy allows users and developers to only install extensions from the Chrome Web Store. Learn how this affects security and enterprise apps.  Continue Reading

• Code security: Can a continuous delivery model be secured?

  Continuous code delivery is critical in certain scenarios, but it's not always the most secure approach. Michael Cobb explains how to secure code in a continuous delivery model.  Continue Reading

• How does the Logjam vulnerability affect TLS encryption?

  Expert Michael Cobb discusses the TLS protocol flaw dubbed Logjam and explains how to detect if enterprise systems are at risk, as well as how to remediate them.  Continue Reading

• How should enterprises start the vendor management process?

  The security vendor management process can be tricky, especially at the beginning when deciding what to buy and from whom. Expert Mike O. Villegas has some advice.  Continue Reading

• How can stealthy SSL attacks be detected and mitigated?

  SSL attacks "in stealth mode" are helping attackers avoid detection and analysis. Expert Nick Lewis explains how to discover and defend against the threat.  Continue Reading

• What are enterprise social media best practices for CISOs?

  CISOs need to follow certain enterprise social media best practices if they want to safely maintain public profiles. Expert Mike O. Villegas has ten best practices for social media.  Continue Reading

• How can malware sinkholing improve advanced threat defense?

  Learn how malware sinkholing is helping security experts analyze infected devices and even disable malware in compromised endpoints.  Continue Reading

• What should CISOs include in security reports?

  Security reports are a good way for CISOs to communicate with the board of directors. Here are specific topics that should be included in the reporting.  Continue Reading

• Does analyzing motion for mobile malware detection work?

  Motion and gestures are being used for mobile malware detection on smartphones. Learn how this method works and whether it is a worthy addition to an enterprise security strategy.  Continue Reading

• What threat does the CrypVault ransomware attack pose?

  While not very sophisticated, the CrypVault ransomware still poses a major enterprise threat. Expert Nick Lewis explains.  Continue Reading

• Bar Mitzvah attack: Time to ditch the RC4 algorithm?

  The Bar Mitzvah attack exploits weaknesses in the RC4 algorithm. Expert Nick Lewis explains why migrating from RC4 is better than adding additional security controls to secure it.  Continue Reading

• XSS vs. XSSI: What is cross-site script inclusion?

  Expert Michael Cobb explains the difference between cross-site scripting and cross-site scripting inclusion (XSSI) flaws.  Continue Reading

• Does the AFNetworking library inhibit iOS app security?

  Flaws in the AFNetworking code library threaten iOS app security. Expert Michael Cobb explains how to prevent falling victim to the flaws.  Continue Reading

• Can a subscription ease SSL certificate management?

  SSL subscription services are emerging to help enterprises handle the daunting task of SSL certificate management. Expert Michael Cobb discusses the benefits of such a service.  Continue Reading

• Can opportunistic encryption improve browser security?

  Opportunistic encryption offers encryption for servers that don't support HTTPS. Expert Michael Cobb explains how it works and how it can help Web security.  Continue Reading

• What does the CASP certification update include?

  CompTIA released updates to the CASP certification. Expert Mike O. Villegas reviews the changes and discusses whether they add value to the certification.  Continue Reading

• Why did Anthem resist government vulnerability assessments?

  Vulnerability assessments are often a requirement for organizations that have suffered a data breach and the assessors' results can be invaluable to protect a business.  Continue Reading

• What should you look for in candidates for a CISO position?

  The CISO position can be tough to fill, especially when enterprises set high expectations for the candidates. Expert Mike O. Villegas discusses key CISO qualifications.  Continue Reading

• What does the Consumer Privacy Bill of Rights mean for enterprises?

  The Consumer Privacy Bill of Rights, if made a federal law, would create a uniform set of privacy requirements. Here's a look at the potential benefits.  Continue Reading

• How can companies avoid failing the annual FISMA audit?

  The annual FISMA audit is designed to ensure companies need to have consistent security standards. Here's how to prepare for the audits.  Continue Reading

• How should enterprises manage social media compliance incidents?

  Social media compliance incidents in financial institutions are on the rise. Here are the most common violations and how to avoid them in the future.  Continue Reading